Published: 19/10/2017 Updated: 08/11/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Webmin prior to 1.860 has XSS with resultant remote code execution. Under the 'Others/File Manager' menu, there is a 'Download from remote URL' option to download a file from a remote server. After setting up a malicious server, one can wait for a file download request and then send an XSS payload that will lead to Remote Code Execution, as demonstrated by an OS command in the value attribute of a name='cmd' input element.

Vulnerable Product	Search on Vulmon	Subscribe to Product
webmin webmin

[+] SSD Beyond Security: blogssecuriteamcom/indexphp/archives/3430 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinxaltervistaorg [+] Source: hyp3rlinxaltervistaorg/advisories/WEBMIN-v1850-REMOTE-COMMAND-EXECUTIONtxt [+] ISR: ApparitionSec Vulnerability summary The following advisory describes t ...

CWE-79 https://github.com/webmin/webmin/commit/0c58892732ee7610a7abba5507614366d382c9c9 https://blogs.securiteam.com/index.php/archives/3430 http://www.webmin.com/security.html http://www.webmin.com/changes.html https://nvd.nist.gov https://www.exploit-db.com/exploits/42989/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-15646

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect